about summary refs log tree commit diff
Commit message (Collapse)AuthorAgeFilesLines
* beginnings of full TLS support in shared librariesRich Felker2012-10-044-1/+19
| | | | | | this code will not work yet because the necessary relocations are not supported, and cannot be supported without some internal changes to how relocation processing works (coming soon).
* partial TLS support for dynamic-linked programsRich Felker2012-10-042-27/+77
| | | | | only TLS in the main program is supported so far; TLS defined in shared libraries will not work yet.
* TLS (GNU/C11 thread-local storage) support for static-linked programsRich Felker2012-10-046-14/+117
| | | | | | | | | | | | | the design for TLS in dynamic-linked programs is mostly complete too, but I have not yet implemented it. cost is nonzero but still low for programs which do not use TLS and/or do not use threads (a few hundred bytes of new code, plus dependency on memcpy). i believe it can be made smaller at some point by merging __init_tls and __init_security into __libc_start_main and avoiding duplicate auxv-parsing code. at the same time, I've also slightly changed the logic pthread_create uses to allocate guard pages to ensure that guard pages are not counted towards commit charge.
* tell the assembler to mark all files as not requiring executable stackRich Felker2012-10-031-0/+7
| | | | | | | | | | | for some reason this option is undocumented. not sure when it was added, so I'm using a configure test. gcc was already setting the mark correctly for C files, but assembler source files would need ugly .note boilerplate in every single file to achieve this without the option to the assembler. blame whoever thought it would be a good idea to make the stack executable by default rather than doing it the other way around...
* add getopt reset supportRich Felker2012-09-303-3/+19
| | | | | | | based on proposed patches by Daniel Cegiełka, with minor changes: - use a weak symbol for optreset so it doesn't clash with namespace - also reset optpos (position in multi-option arg like -lR) - also make getopt_long support reset
* protect sem_open against cancellationRich Felker2012-09-301-13/+19
| | | | | also fix one minor bug: failure to free the early-reserved slot when the semaphore later found to already be mapped.
* overhaul sem_openRich Felker2012-09-302-108/+99
| | | | | | | | | | | this function was overly complicated and not even obviously correct. avoid using openat/linkat just like in shm_open, and instead expand pathname using code shared with shm_open. remove bogus (and dangerous, with priorities) use of spinlocks. this commit also heavily streamlines the code and ensures there are no failure cases that can happen after a new semaphore has been created in the filesystem, since that case is unreportable.
* clean up, bugfixes, and general improvement for shm_open/shm_unlinkRich Felker2012-09-302-30/+28
| | | | | | | 1. don't make non-cloexec file descriptors 2. cancellation safety (cleanup handlers were missing, now unneeded) 3. share name validation/mapping code between open/unlink functions 4. avoid wasteful/slow syscalls
* define some _POSIX_* macros that were omitted; required for XSI conformanceRich Felker2012-09-301-0/+3
|
* more close-on-exec fixes, mostly using new "e" flag to fopenRich Felker2012-09-298-9/+9
|
* add 'e' modifier (close-on-exec) to fopen and fdopenRich Felker2012-09-292-2/+5
| | | | | | this feature will be in the next version of POSIX, and can be used internally immediately. there are many internal uses of fopen where close-on-exec is needed to fix bugs.
* fix some more O_CLOEXEC/SOCK_CLOEXEC issuesRich Felker2012-09-294-7/+5
|
* always expose accept4Rich Felker2012-09-291-4/+1
| | | | it will be in the next version of POSIX
* always expose dup3 and pipe2Rich Felker2012-09-291-2/+2
| | | | they will be in the next version of POSIX
* move accept4, dup3, and pipe2 to non-linux-specific locationsRich Felker2012-09-293-0/+0
| | | | | these interfaces have been adopted by the Austin Group for inclusion in the next version of POSIX.
* emulate SOCK_CLOEXEC and SOCK_NONBLOCK for old (pre-2.6.27) kernelsRich Felker2012-09-292-3/+15
| | | | | | | | | | | | | | | also update syslog to use SOCK_CLOEXEC rather than separate fcntl step, to make it safe in multithreaded programs that run external programs. emulation is not atomic; it could be made atomic by holding a lock on forking during the operation, but this seems like overkill. my goal is not to achieve perfect behavior on old kernels (which have plenty of other imperfect behavior already) but to avoid catastrophic breakage in (1) syslog, which would give no output on old kernels with the change to use SOCK_CLOEXEC, and (2) programs built on a new kernel where configure scripts detected a working SOCK_CLOEXEC, which later get run on older kernels (they may otherwise fail to work completely).
* sem_open should make process-shared semaphoresRich Felker2012-09-291-1/+1
| | | | | this did not matter because we don't yet treat process-shared special. when private futex support is added, however, it will matter.
* use O_CLOEXEC to open semaphore files in sem_openRich Felker2012-09-291-2/+2
|
* fix some indention-with-spaces that crept inRich Felker2012-09-294-9/+9
|
* microblaze portRich Felker2012-09-2945-0/+2213
| | | | | | based on initial work by rdp, with heavy modifications. some features including threads are untested because qemu app-level emulation seems to be broken and I do not have a proper system image for testing.
* fix arm clone syscall bug (no effect unless app uses clone)Rich Felker2012-09-271-2/+1
| | | | | the code to exit the new thread/process after the start function returns was mixed up in its syscall convention.
* optimize strchrnul/strcspn not to scan string twice on no-matchRich Felker2012-09-273-25/+29
| | | | | | | | | when strchr fails, and important piece of information already computed, the string length, is thrown away. have strchrnul (with namespace protection) be the underlying function so this information can be kept, and let strchr be a wrapper for it. this also allows strcspn to be considerably faster in the case where the match set has a single element that's not matched.
* slightly cleaner strlen, also seems to compile to better codeRich Felker2012-09-271-6/+4
| | | | | | | testing with gcc 4.6.3 on x86, -Os, the old version does a duplicate null byte check after the first loop. this is purely the compiler being stupid, but the old code was also stupid and unintuitive in how it expressed the check.
* fix dirname to handle input of form "foo/" correctlyRich Felker2012-09-261-6/+5
| | | | also optimized a bit.
* fix handling of EINTR during close()Rich Felker2012-09-241-1/+4
| | | | | | | | | | austin group interpretation for defect #529 (http://austingroupbugs.net/view.php?id=529) tightens the requirements on close such that, if it returns with EINTR, the file descriptor must not be closed. the linux kernel developers vehemently disagree with this, and will not change it. we catch and remap EINTR to EINPROGRESS, which the standard allows close() to return when the operation was not finished but the file descriptor has been closed.
* fix getaddrinfo to accept port 0 (zero)Rich Felker2012-09-221-2/+2
| | | | | | | | new behavior can be summarized as: inputs that parse completely as a decimal number are treated as one, and rejected only if the result is out of 16-bit range. inputs that do not parse as a decimal number (where strtoul leaves anything left over in the input) are searched in /etc/services.
* fix remaining IPC_64 issue (shmctl)Rich Felker2012-09-222-4/+2
| | | | also cleanup cruft related to the issue
* fix IPC_64 in msgctl tooRich Felker2012-09-223-6/+4
|
* fix broken semctl on systems that don't use IPC_64 flagRich Felker2012-09-224-2/+12
| | | | | not tested on mips and arm; they may still be broken. x86_64 should be ok now.
* offer REALGCC variable to configure musl-gcc wrapper at runtimeRich Felker2012-09-211-1/+1
| | | | | | this is useful when the underlying gcc is already a wrapper, which is the case at least on some uclibc-based system images. it's also useful for running an older/newer/nondefault version of gcc.
* LFS64 alias for prlimitRich Felker2012-09-212-0/+4
| | | | issue reported/requested by Justin Cormack
* add clock_adjtime, remap_file_pages, and syncfs syscall wrappersRich Felker2012-09-166-0/+36
| | | | patch by Justin Cormack, with slight modification
* release notes for 0.9.6 v0.9.6Rich Felker2012-09-161-0/+11
|
* add O_EXEC open modeRich Felker2012-09-154-0/+4
| | | | | the linux O_PATH mode provides the necessary semantics for both the O_SEARCH and O_EXEC modes defined and required by POSIX 2008.
* add crypt_md5 password hashRich Felker2012-09-152-2/+285
| | | | contributed by nsz
* fix stupid bug in updating of O_ACCMODE for O_SEARCH supportRich Felker2012-09-151-1/+1
| | | | this could cause major bugs, and warrants a fix release right away.
* 0.9.5 release notes v0.9.5Rich Felker2012-09-151-0/+32
|
* fix syscall asm constraints for arm tooRich Felker2012-09-151-4/+4
| | | | | no problems were detected so far, but the constraints seem to have been invalid just like the mips ones.
* revert low rounds-count limits in crypt hashesRich Felker2012-09-154-4/+4
| | | | | | | | | | | | | | | it was determined in discussion that these kind of limits are not sufficient to protect single-threaded servers against denial of service attacks from maliciously large round counts. the time scales simply vary too much; many users will want login passwords with rounds counts on a scale that gives decisecond latency, while highly loaded webservers will need millisecond latency or shorter. still some limit is left in place; the idea is not to protect against attacks, but to avoid the runtime of a single call to crypt being, for all practical purposes, infinite, so that configuration errors can be caught and fixed without bringing down whole systems. these limits are very high, on the order of minute-long runtimes for modest systems.
* update mips cancellation-point syscall asm with 7-arg and r25 fixesRich Felker2012-09-151-2/+5
| | | | | these fixes were already made to the normal syscall asm but not the cancellation point version.
* fix buggy constraints in mips inline syscall asmRich Felker2012-09-151-2/+2
| | | | | | | | if same register is used for input/output, the compiler must be told. otherwise is generates random junk code that clobbers the result. in pure syscall-wrapper functions, nothing went wrong, but in more complex functions where register allocation is non-trivial, things broke badly.
* workaround gcc got-register-reload performance problems in mallocRich Felker2012-09-141-4/+8
| | | | | | | with this patch, the malloc in libc.so built with -Os is nearly the same speed as the one built with -O3. thus it solves the performance regression that resulted from removing the forced -O3 when building libc.so; now libc.so can be both small and fast.
* remove forced -O3 from shared library CFLAGSRich Felker2012-09-141-1/+1
| | | | | | | | | | | I originally added -O3 for shared libraries to counteract very bad behavior by GCC when building PIC code: it insists on reloading the GOT register in static functions that need it, even if the address of the function is never leaked from the translation unit and all local callers of the function have already loaded the GOT register. this measurably degrades performance in a few key areas like malloc. the inlining done at -O3 avoids the issue, but that's really not a good reason for overriding the user's choice of optimization level.
* use vfork if possible in posix_spawnRich Felker2012-09-141-1/+3
| | | | | | vfork is implemented as the fork syscall (with no atfork handlers run) on archs where it is not available, so this change does not introduce any change in behavior or regression for such archs.
* strsep is BSD|GNU, not GNU-only; it's originally from BSDRich Felker2012-09-131-1/+4
|
* add O_PATH/O_SEARCH support to fcntl.hRich Felker2012-09-135-1/+9
| | | | | | | I'm not 100% sure that Linux's O_PATH meets the POSIX requirements for O_SEARCH, but it seems very close if not perfect. and old kernels ignore it, so O_SEARCH will still work as desired as long as the caller has read permissions to the directory.
* improve mips syscall asm constraints to use immediates, if possibleRich Felker2012-09-111-12/+21
| | | | | | | | | | | | | by using the "ir" constraint (immediate or register) and the carefully constructed instruction addu $2,$0,%2 which can take either an immediate or a register for %2, the new inline asm admits maximal optimization with no register spillage to the stack when the compiler successfully performs constant propagration, but still works by allocating a register when the syscall number cannot be recognized as a constant. in the case of syscalls with 0-3 arguments it barely matters, but for 4-argument syscalls, using an immediate for the syscall number avoids creating a stack frame for the syscall wrapper function.
* eliminate assumption that mips syscall restart preserves r25Rich Felker2012-09-101-23/+12
| | | | | | | | | all past and current kernel versions have done so, but there seems to be no reason it's necessary and the sentiment from everyone I've asked has been that we should not rely on it. instead, use r7 (an argument register) which will necessarily be preserved upon syscall restart. however this only works for 0-3 argument syscalls, and we have to resort to the function call for 4-argument syscalls.
* asm for memmove on i386 and x86_64Rich Felker2012-09-102-0/+36
| | | | | | | for the sake of simplicity, I've only used rep movsb rather than breaking up the copy for using rep movsd/q. on all modern cpus, this seems to be fine, but if there are performance problems, there might be a need to go back and add support for rep movsd/q.
* fix another ppoll issue (missing sigset_t size argument)Rich Felker2012-09-101-1/+1
|